As more and more of our global economy moves online, so does our crime. Every day more and more networks come online around the world. Add to that the “internet of things” and the avenues that a criminal can use to commit a crime are seemingly endless. Cyber criminals are a growing threat today that is worse than at any time in our past. Today a criminal doesn’t even have to leave their home in order to go after a company. So how does your business combat Cyber Security Threats?
However, it is possible to protect both yourself and your company. The biggest way to combat cyber criminals is through knowledge and awareness.
To aid in that end, we’ve put together the top 10 cyber security threats that businesses are facing in 2017.
Top 10 Cyber Security Threats Facing Australian Business in 2017
1. A large number of attacks occur because of unsecured Shadow IT.
Nine times out of ten companies focus on numbers rather whether a system works or not. Often times this means that employees will turn to any tool that will help them attain the numbers they need to keep their jobs, and whether or not it’s secure doesn’t matter. Rather than turning to a policy of detection and punishment, companies would be better off working with their employees to find what works. By doing this, it allows IT teams to secure the programs, while still allowing non-IT staff to use programs that meet their needs.
2. According to Gartner, “by 2020, more than 25% of identified enterprise attacks will involve IoT, though IoT will account for only 10% of IT security budgets.”
What this means is that companies need to get ahead of the game now and get a thorough understanding of the “Internet of Things” now, and thoroughly vet any products that become part of daily use. It’s better to lay a plan ahead of time rather than having to scramble after an attack, to not only repair any damage to the company but also to find and fix the hole in the security.
3. Password strength will continue to be an issue.
As the attacks on Yahoo, last year showed, passwords alone are not enough to protect most accounts, especially when it comes to businesses. The problem is that people tend to use the same passwords across multiple accounts. All it takes is one account being compromised, and several others are now at risk as well. This needs to be addressed at all levels of a company, to use varied passwords across accounts, as well as looking for two and three-factor recognition when available.
4. Ransomware will only continue to grow as a threat.
As of September of last year, ransomware was set to be a billion dollar loss for businesses, according to ZDNet. Rather than targeting individuals, cyber criminals have realised that the real money is in small to medium businesses that don’t have the money to spend on their security and are raking it in. Given how easy this type of attack is to pull off, analysts expect this number to only continue to rise as criminals become bolder.
5. Social Engineering Will Reach the Level of An Art
While larger companies do have the money to pour into their firewalls, they don’t always protect their most valuable assets, their employees. Cyber criminals have caught on to this, and are taking social engineering to an art form. This is a tactic where cyber criminals attempt to create a believable cover from which to breach a network. This can be anything from a phishing email that impersonates a coworker or superior, to obtaining a janitor’s uniform and attempting to con their way into the premises. It’s critical therefore that companies train their employees on threat detection and how to handle anything suspicious that might come their way.
6. Internal threats will increase.
Piggy-backing on our last one, when social engineering and outside attacks fail, attackers will move on to credential theft and working to get people on the inside of companies, similar to how industrial espionage works today.
7. BYOD policies will come under fire.
It’s estimated by Heimdal Security that 50% of companies will require BOYD by 2017. While this does have benefits for reducing costs for companies, it also opens up a plethora of security pitfalls that are difficult to close. BYOD policy will, therefore, be a continuous problem for companies seeking to find a balance between the two.
8. Anti-DDoS is likely to be commercialised in the near future.
As DDoS attacks have reached and surpassed the 500GB mark, experts are theorising that it’s only a matter of time before a startup in an under regulated country will take a crack at this. A new startup that directly attacks and patches botnet systems will launch, and will likely be directly responsible for patching a hundred million hosts.
9. The number of attacks on cloud-based platforms will skyrocket.
Early in 2017 72% of companies are adopting cloud platforms. We will see an increase in attacks targeting cloud management platforms, workloads, and enterprise SaaS application.
10. 99% of the flaws exploited by criminals are ones that security and IT professionals have known about for at least a year.
“If companies know about them, why aren’t they fixing them then?” We’ve asked the same thing. The problem is that there isn’t enough time in the day, and most companies utilise their IT professionals for the daily grind rather than focusing on protecting and maintaining their networks.
If you’re interested in learning more about security threats to your business, and how we can help, contact us today.
Need help with a your Cyber Security?
Speak to the experienced team at Stanfield IT on 1300 910 333